phpLiveHelper Vulnerable to Remote Code Execution

The popular live support tool phpLiveHelper is vulnerable to remote code execution due to an error in the way the tool processes URL parameters.

ITPro Today

March 28, 2006

1 Min Read
ITPro Today logo in a gray background | ITPro Today

The popular live support tool phpLiveHelper is vulnerable to remote code execution due to an error in the way the tool processes URL parameters. By using a known URL parameter an intruder could cause their code of choice to be included into phpLiveHelper in realtime where that code would then run on the operator's system. An exploit could possibly open a port on a vulnerable system that would allow intruders to interact with the compromised system in variety of ways. No response from the vendor is known at this time

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like